Skip to main content
SpringerLink
Log in

A Multiple Agents Based Intrusion Detection System

  • Conference paper
Knowledge-Based Intelligent Information and Engineering Systems (KES 2005)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3681))

Abstract

Three reasons, in our opinion, are responsible for the high false alarm rate of current intrusion detection practice. They are: (i) only single information source is analysed by an intrusion detection system, (ii) only a single method is used for the analysis, and (iii) there is no distinction of vulnerability, threat, attack, and intrusion. This paper first studies the dynamics of attackers and defenders and then lists all possible information sources. A multiple agents based integrated intrusion detection system (IIDS) is then proposed. The status of our current work is also discussed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 109.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Eskin, E.: Anomaly Detection over Noisy Data Using Learned Probability Distributions. In: The 17th International Conference on Machine Learning, Morgan Kaufmann, San Francisco (2000)

    Google Scholar 

  2. Ourston, D., et al.: Coordinated Internet attacks: responding to attack complexity. Journal of Computer Security 12, 165–190 (2004)

    Google Scholar 

  3. Anderson, R., Khattak, A.: The use of Information Retrieval Techniques for Intrusion Detection. In: First International Workshop on Recent Advances in Intrusion Detection (RAID 1998), Louvain-la-Neuve, Belgium (1998)

    Google Scholar 

  4. Balasubramaniyan, J.S., et al.: An Architecture for Intrusion Detection using Autonomous Agents. In: 14th IEEE Computer Security Applications Conference (ACSAC 1998), IEEE Computer Society, USA (1998)

    Google Scholar 

  5. Bradshaw, J.M.: An Introduction to Software Agents. In: Bradshaw, J.M. (ed.) Software Agents, pp. 3–46. AAAI Press/The MIT Press (1997)

    Google Scholar 

  6. Crosbie, M., Spafford, G.: Defending a Computer System using Autonomous Agents. In: 18th National Information Systems Security Conference, Baltimore, Maryland, USA (1995)

    Google Scholar 

  7. Sherif, J.S., Ayers, R., Dearmond, T.G.: Dearmond, Intrusion Detedction: the art and the practice, Part 1. Information Management & Computer Security 11(4), 175–186 (2003)

    Article  Google Scholar 

  8. Sherif, J.S., Ayers, R.: Intrusion detection: methods and systems, Part II. Information Management & Computer Security 11(5), 222–229 (2003)

    Article  Google Scholar 

  9. Snort, Snort web site, http://www.snort.org

  10. cisco, Cisco IOS Firewall Intrusion Detection System 8010e5c8.shtml, http://www.cisco.com/en/US/products/sw/secursw/ps2113/products_white_paper09186a00

  11. Julisch, K.: Mining Alarm Clusters to Improve Alarm Handling Efficiency. In: 17th Annual Computer Security Applications Conference (ACSAC 2001), IEEE, Los Alamitos (2001)

    Google Scholar 

  12. Pfleeger, C.P., Pfleeger, S.L.: Security in Computing, 3rd edn. Prentice Hall, Englewood Cliffs (2003)

    Google Scholar 

  13. Sharma, D., Ma, W., Tran, D.: On a Computer Security Framework. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds.) KES 2005. LNCS (LNAI), vol. 3684, Springer, Heidelberg (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Sciences and Engineering, University of Canberra, Canberra, Australia

    Wanli Ma & Dharmendra Sharma

Authors
  1. Wanli Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dharmendra Sharma
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Business, La Trobe University, 3086, Melbourne, Victoria, Australia

    Rajiv Khosla

  2. Centre for SMART systems Engineering Research Centre, University of Brighton, Moulsecoomb, BN2 4GJ, Brighton, UK

    Robert J. Howlett

  3. School of Electrical and Information Engineering, Knowledge Based Intelligent Engineering Systems Centre, University of South Australia, 5095, Mawson Lakes, SA, Australia

    Lakhmi C. Jain

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ma, W., Sharma, D. (2005). A Multiple Agents Based Intrusion Detection System. In: Khosla, R., Howlett, R.J., Jain, L.C. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2005. Lecture Notes in Computer Science(), vol 3681. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11552413_30

Download citation

  • DOI: https://doi.org/10.1007/11552413_30

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-28894-7

  • Online ISBN: 978-3-540-31983-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation